package cc.ucanuup.config.security;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.springframework.beans.factory.annotation.Autowired;

import cc.ucanuup.config.security.exceptions.ValidCodeErrorException;
import cc.ucanuup.config.security.token.LoginToken;
import cc.ucanuup.config.security.util.ValidateCodeHandle;
import cc.ucanuup.service.base.inter.UpUserService;

/**
 * 文件名： com.bozhon.config.sercurity.MyLoginFilter.java
 * 作者：   WenBin
 * 日期：   2018年2月5日
 * 功能说明：自定义拦截器 用于拦截 登陆前的用户信息
 * =========================================================
 * 修改记录：
 * 修改作者    日期      修改内容
 * =========================================================
 *  Copyright (c) 2010-2011 .All rights reserved.
 */
public class MyLoginFilter implements Filter{

	public static ThreadLocal<LoginToken>   spCodeThread = new ThreadLocal<LoginToken>();

	private String usernameParam = "username";
	private String flag = "supplierFlag";
	private String validCodeParam = "validateCode";
	private String supplierCode = "supplierCode";
	private String type = "loginType";

	@Autowired
	private UpUserService  upUserService;

	@Override
	public void init(FilterConfig filterConfig) throws ServletException {

	}

	@Override
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
			throws IOException, ServletException {
		String username = request.getParameter(usernameParam);
		String supplierFlag = request.getParameter(flag);
		String loginType =  request.getParameter(type);
		// 获取验证码
		String validCode = request.getParameter(validCodeParam);
		String spCode = request.getParameter(supplierCode);
		LoginToken token = new LoginToken();
		token.setLoginType(loginType);
		token.setSpcode(spCode);
		token.setVcode(validCode);
		token.setFlag( supplierFlag == null? false : true);
		spCodeThread.set(token);
		if(loginType != null){
			HttpServletRequest rq = (HttpServletRequest)request;
			String path = rq.getContextPath();
			if(loginType.equals("1")){
				try {
					valid(validCode, ((HttpServletRequest) request).getSession());
				} catch (Exception e) {
					HttpServletResponse rp = (HttpServletResponse)response;
					rq.setAttribute(usernameParam, username);
					rp.sendRedirect(path+"/login");
					return ;
				}
			}/*else if(loginType.equals("2")){
				// 这里校验供应商是否存在
				if(supplierFlag==null){

				}else{
					UpUser sp = upUserService.findSupplierByName(spCode);
					if(sp == null){
						HttpServletResponse rp = (HttpServletResponse)response;
						rq.setAttribute(usernameParam, username);
						rp.sendRedirect(path+"/srmlogin");
						return ;
					}
				}
			}*/else{
				HttpServletResponse rp = (HttpServletResponse)response;
				rp.sendRedirect(path+"/login");
				return ;
			}
		}
		chain.doFilter(request, response);
	}

	@Override
	public void destroy() {


	}

	public void valid(String validCode, HttpSession session) {
		if (validCode == null) {
			throw new ValidCodeErrorException("验证码为空!");
		}
		if (!ValidateCodeHandle.matchCode(session.getId(), validCode)) {
			throw new ValidCodeErrorException("验证码错误!");
		}
	}
}
